1 \. A method for creating virtual private connections 

2 betweenNend points in a shared storage area network (SAN) , 

3 the steps \:ompr is ing : 



V 



4 a) providing a virtual connection architecture and a 

5 host initiator imperatively connected thereto, said host 
initiator generating and transmitting I/O commands to said 
virtual connection \architecture ; 

6 b) comparing source and destination information from 
9 said I/O commands to a predetermined list of allowable 

10 connections; and 



11 c) when said source and destination information matches 

12 said predetermined list of allowable connections, creating a 

13 data connection between said Host initiator and a storage 

14 device, or a logical portion thereof, operatively connected 

15 to said virtual connection architecture, thereby 

16 establishing a virtual private 



1 
2 
3 
4 



2. The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 1, 

\ 

wherein multiple virtual private SANs function independently 
and substantially simultaneously within said shared SAN. 
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1 3 . The method for creating virtual private connections 

2 between end points in a shared SAN as recited in claim 2, 

3 wherein multiple host\ initiators share a common physical 

4 data channel. 

1 4. The method for treating virtual private connections 

2 between end points in a \ shared SAN as recited in claim 2, 

3 wherein said multiple host initiators are provided a 

4 protected end-to-end data path. 

'% 1 5. The method for creating virtual private connections 

! n 

! tl 2 between end points in a shared SAN as recited in claim 2, 

! =2 \ 

! l! 3 wherein said multiple, virtual private SANs support at least 

l ti 4 one SAN productivity product \ from the group: hubs, switches, 

11 5 gateways and routers 



1 6. The method for creating virtual private connections 



Q 2 between end points in a shared \SAN as recited in claim 2, 

3 wherein said comparing step (b)l comprises determining a 

4 level of access permission for said host initiator. 
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1 7. The method for creating virtual private connections 

2 between end points in a shared SAN as recited in claim 6, 

3 the steps f urtherXcomprising : 

4 d) storing information representative of at least one 

5 of said allowable connections. 

1 8. The method forVrreating virtual private connections 

2 between end points in a ^shared SAN as recited in claim 7, 

3 wherein said storing sten (d) comprises storing said 

4 information in a virtual Connection cache. 

1 9. The method for creating virtual private connections 

2 between end points in a shared SAN as recited in claim 8, 

3 the steps further comprising! 

4 e) using said stored vitrtual connection information 

5 to validate subsequent requests for access from 

6 said host initiator. \ 

1 10. The method for creating! virtual private connections 

2 between end points in a shared S23N as recited in claim 8, 

3 wherein said virtual connection architecture comprises a 

4 virtual connection manager. » 
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11. The method for creating virtual private 
connections between end points in a shared SAN as recited in 
claim 2, whereim said multiple virtual private SANs are 
operable within a\ existing SAN without need for additional 
software, middleware, drivers, or modifications to an 
existing operating system. 

12. The method for creating virtual private 
connections between end\ points in a shared SAN as recited in 
claim 2, wherein said connections are fully secured 
independently of the security of each individual host. 



13 . The method for creating virtual private connections 
between end points in a shaned SAN as recited in claim 2, 
wherein said multiple virtuaA private SANs operate 
independently of attached storage devices. 



14. The method for creating^ virtual private connections 
between end points in a shared SAN as recited in claim 13, 
wherein said attached storage devices comprise any mixture 
of legacy or new technology storage devices . 
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15. The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 2, 
wherein said multiple virtual private SANs operates 
independently of connection interfaces and provide support 
for at least one from the group of interfaces: Fibre 
Channel, SCSI, othes SAN interfaces. 

16. The method nor creating virtual private 
connections between end points in a shared SAN as recited in 
claim 2, wherein said aA least one initiator host comprises 
a host initiator interface for providing a connection to 
said virtual connection architecture. 

17. The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 6, 
the steps further comprising :\ 

d) providing a registration engine for receiving a 
registration command firom said host initiator. 

18. The method for creating virtual private connections 
between end points in a shared SAN\ as recited in claim 17, 
wherein said registration command comprises at least one of 
the commands from the group: full registration, periodic 
registration, and de-registration commands. 

1 
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19. The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 18, 
wherein said registration engines comprises a host 
registration service operating on said host initiator. 

20. The method for creating virtual private 
connections between end posits in a shared SAN as recited in 
claim 18, wherein said registration commands comprise host 
and initiator specific information for facilitating 
automatic identification and configuration of said host and 
interface. \ 

21. The method for creating Virtual private connections 
between end points in a shared SAN as recited in claim 17, 
the steps further comprising: \ 

e) periodically monitoring the health status of said 
host initiator. \ 

22. The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 21, 
comprising the issuance of a periodic registration command. 
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23. The method for creating virtual private connections 
between end points in\a shared SAN as recited in claim 8, 
the steps further comprising: 

e) automatically capturing an existing SAN 
configuration andVusing said captured 
configuration information to automatically 
establish persistent\ access controls. 
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